diff --git a/manifests/api.pp b/manifests/api.pp index 727a3fc..33f99b2 100755 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -12,6 +12,19 @@ # (Optional) Define if the service should be enabled or not. # Defaults to true # +# [*manage_service*] +# (Optional) Whether the service should be managed by Puppet. +# Defaults to true +# +# [*service_name*] +# (Optional) Name of the service that will be providing the +# server functionality of magnum-api. +# If the value is 'httpd', this means magnum-api will be a web +# service, and you must use another class to configure that +# web service. For example, use class { 'magnum::wsgi::apache'...} +# to make magnum-api be a web app using apache mod_wsgi. +# Defaults to $::magnum::params::api_service +# # [*port*] # (Optional) The port for the Magnum API server. # Defaults to '9511' @@ -54,6 +67,8 @@ class magnum::api( $package_ensure = 'present', $enabled = true, + $manage_service = true, + $service_name = $::magnum::params::api_service, $port = '9511', $host = '127.0.0.1', $max_limit = '1000', @@ -63,7 +78,7 @@ class magnum::api( $ssl_cert_file = $::os_service_default, $ssl_key_file = $::os_service_default, $workers = $::os_workers, -) { +) inherits magnum::params { include ::magnum::deps include ::magnum::params @@ -102,19 +117,33 @@ class magnum::api( } } - if $enabled { - $ensure = 'running' - } else { - $ensure = 'stopped' - } + if $manage_service { + if $enabled { + $ensure = 'running' + } else { + $ensure = 'stopped' + } - # Manage service - service { 'magnum-api': - ensure => $ensure, - name => $::magnum::params::api_service, - enable => $enabled, - hasstatus => true, - tag => ['magnum-service', 'magnum-db-sync-service'], + if $service_name == $::magnum::params::api_service { + service { 'magnum-api': + ensure => $ensure, + name => $::magnum::params::api_service, + enable => $enabled, + hasstatus => true, + tag => ['magnum-service', 'magnum-db-sync-service'], + } + } elsif $service_name == 'httpd' { + include ::apache::params + service { 'magnum-api': + ensure => 'stopped', + name => $::magnum::params::api_service, + enable => false, + hasstatus => true, + tag => ['magnum-service', 'magnum-db-sync-service'], + } + Service['magnum-api'] -> Service[$service_name] + Service<| title == 'httpd' |> { tag +> ['magnum-service', 'magnum-db-sync-service'] } + } } if $auth_strategy == 'keystone' { diff --git a/manifests/params.pp b/manifests/params.pp index f7be568..65ef274 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -7,31 +7,37 @@ class magnum::params { if ($::os_package_type == 'debian') { $pyvers = '3' + $pyver3 = '3' } else { $pyvers = '' + $pyver3 = '2.7' } $group = 'magnum' case $::osfamily { 'RedHat': { # package names - $common_package = 'openstack-magnum-common' - $api_package = 'openstack-magnum-api' - $conductor_package = 'openstack-magnum-conductor' + $common_package = 'openstack-magnum-common' + $api_package = 'openstack-magnum-api' + $conductor_package = 'openstack-magnum-conductor' # service names - $api_service = 'openstack-magnum-api' - $conductor_service = 'openstack-magnum-conductor' - $client_package = 'python2-magnumclient' + $api_service = 'openstack-magnum-api' + $conductor_service = 'openstack-magnum-conductor' + $client_package = 'python2-magnumclient' + $wsgi_script_path = '/var/www/cgi-bin/magnum' + $wsgi_script_source = '/usr/lib/python2.7/site-packages/magnum/api/app.wsgi' } 'Debian': { # package names - $common_package = 'magnum-common' - $api_package = 'magnum-api' - $conductor_package = 'magnum-conductor' + $common_package = 'magnum-common' + $api_package = 'magnum-api' + $conductor_package = 'magnum-conductor' # service names - $api_service = 'magnum-api' - $conductor_service = 'magnum-conductor' - $client_package = "python${pyvers}-magnumclient" + $api_service = 'magnum-api' + $conductor_service = 'magnum-conductor' + $client_package = "python${pyvers}-magnumclient" + $wsgi_script_path = '/usr/lib/cgi-bin/magnum' + $wsgi_script_source = "/usr/lib/python${pyver3}/dist-packages/magnum/api/app.wsgi" } default: { fail("Unsupported osfamily: ${::osfamily} operatingsystem") diff --git a/manifests/wsgi/apache.pp b/manifests/wsgi/apache.pp new file mode 100644 index 0000000..3ac4da5 --- /dev/null +++ b/manifests/wsgi/apache.pp @@ -0,0 +1,155 @@ +# +# Copyright (C) 2018 Binero +# +# Author: Tobias Urdin +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: magnum::wsgi::apache +# +# Install Magnum API under apache with mod_wsgi. +# +# == Parameters: +# +# [*servername*] +# (Optional) The servername for the virtualhost. +# Defaults to $::fqdn +# +# [*port*] +# (Optional) The port. +# Defaults to 9511 +# +# [*bind_host*] +# (Optional) The host/ip address Apache will listen on. +# Defaults to undef (listen on all ip addresses). +# +# [*path*] +# (Optional) The prefix for the endpoint. +# Defaults to '/' +# +# [*ssl*] +# (Optional) Use ssl. +# Defaults to false +# +# [*workers*] +# (Optional) Number of WSGI workers to spawn. +# Defaults to $::os_workers +# +# [*priority*] +# (Optional) The priority for the vhost. +# Defaults to '10' +# +# [*threads*] +# (Optional) The number of threads for the vhost. +# Defaults to 1 +# +# [*wsgi_process_display_name*] +# (Optional) Name of the WSGI process display-name. +# Defaults to undef +# +# [*ssl_cert*] +# [*ssl_key*] +# [*ssl_chain*] +# [*ssl_ca*] +# [*ssl_crl_path*] +# [*ssl_crl*] +# [*ssl_certs_dir*] +# (Optional) apache::vhost ssl parameters. +# Default to apache::vhost 'ssl_*' defaults +# +# [*access_log_file*] +# (Optional) The log file name for the virtualhost. +# Defaults to false +# +# [*access_log_format*] +# (Optional) The log format for the virtualhost. +# Defaults to false +# +# [*error_log_file*] +# (Optional) The error log file name for the virtualhost. +# Defaults to undef +# +# [*custom_wsgi_process_options*] +# (Optional) gives you the oportunity to add custom process options or to +# overwrite the default options for the WSGI main process. +# eg. to use a virtual python environment for the WSGI process +# you could set it to: +# { python-path => '/my/python/virtualenv' } +# Defaults to {} +# +# == Example: +# +# include apache +# class { 'magnum::wsgi::apache': } +# +class magnum::wsgi::apache ( + $servername = $::fqdn, + $port = 9511, + $bind_host = undef, + $path = '/', + $ssl = false, + $workers = $::os_workers, + $ssl_cert = undef, + $ssl_key = undef, + $ssl_chain = undef, + $ssl_ca = undef, + $ssl_crl_path = undef, + $ssl_crl = undef, + $ssl_certs_dir = undef, + $wsgi_process_display_name = undef, + $threads = 1, + $priority = '10', + $access_log_file = false, + $access_log_format = false, + $error_log_file = undef, + $custom_wsgi_process_options = {}, +) { + + include ::magnum::deps + include ::magnum::params + include ::apache + include ::apache::mod::wsgi + if $ssl { + include ::apache::mod::ssl + } + ::openstacklib::wsgi::apache { 'magnum_wsgi': + bind_host => $bind_host, + bind_port => $port, + group => 'magnum', + path => $path, + priority => $priority, + servername => $servername, + ssl => $ssl, + ssl_ca => $ssl_ca, + ssl_cert => $ssl_cert, + ssl_certs_dir => $ssl_certs_dir, + ssl_chain => $ssl_chain, + ssl_crl => $ssl_crl, + ssl_crl_path => $ssl_crl_path, + ssl_key => $ssl_key, + threads => $threads, + user => 'magnum', + workers => $workers, + wsgi_daemon_process => 'magnum', + wsgi_process_display_name => $wsgi_process_display_name, + wsgi_process_group => 'magnum', + wsgi_script_dir => $::magnum::params::wsgi_script_path, + wsgi_script_file => 'app', + wsgi_script_source => $::magnum::params::wsgi_script_source, + access_log_file => $access_log_file, + access_log_format => $access_log_format, + error_log_file => $error_log_file, + custom_wsgi_process_options => $custom_wsgi_process_options, + require => Anchor['magnum::install::end'], + } +} diff --git a/releasenotes/notes/magnum-api-wsgi-d0740524e4232379.yaml b/releasenotes/notes/magnum-api-wsgi-d0740524e4232379.yaml new file mode 100644 index 0000000..bd502fd --- /dev/null +++ b/releasenotes/notes/magnum-api-wsgi-d0740524e4232379.yaml @@ -0,0 +1,8 @@ +--- +features: + - | + Added magnum::api::manage_service that can be used to determine if we should + manage the service state or not. + - | + Added new class magnum::wsgi::apache, you can now run the magnum API under + Apache with mod_wsgi. diff --git a/spec/classes/magnum_api_spec.rb b/spec/classes/magnum_api_spec.rb index 15441a3..ce42416 100755 --- a/spec/classes/magnum_api_spec.rb +++ b/spec/classes/magnum_api_spec.rb @@ -36,13 +36,11 @@ describe 'magnum::api' do it { is_expected.to contain_class('magnum::policy') } it 'configures magnum api package' do - if platform_params.has_key?(:api_package) - is_expected.to contain_package('magnum-api').with( - :ensure => p[:package_ensure], - :name => platform_params[:api_package], - :tag => ['openstack', 'magnum-package'], - ) - end + is_expected.to contain_package('magnum-api').with( + :ensure => p[:package_ensure], + :name => platform_params[:api_package], + :tag => ['openstack', 'magnum-package'], + ) end it 'ensures magnum api service is running' do @@ -95,6 +93,32 @@ describe 'magnum::api' do end end + shared_examples 'magnum-api wsgi' do + let :pre_condition do + "include ::magnum + class { 'magnum::keystone::authtoken': + password => 'secret', + } + include ::apache" + end + + let :params do + { + :service_name => 'httpd', + } + end + + context 'with required params' do + it { should contain_service('magnum-api').with( + :ensure => 'stopped', + :name => platform_params[:api_service], + :enable => false, + :hasstatus => true, + :tag => ['magnum-service', 'magnum-db-sync-service'], + )} + end + end + on_supported_os({ :supported_os => OSDefaults.get_supported_os }).each do |os,facts| @@ -103,11 +127,19 @@ describe 'magnum::api' do facts.merge!(OSDefaults.get_facts()) end - let :platform_params do - { :api_service => 'magnum-api' } + let(:platform_params) do + case facts[:osfamily] + when 'Debian' + { :api_package => 'magnum-api', + :api_service => 'magnum-api' } + when 'RedHat' + { :api_package => 'openstack-magnum-api', + :api_service => 'openstack-magnum-api' } + end end it_configures 'magnum-api' + it_configures 'magnum-api wsgi' end end